ports/144475: lang/php5 update from 5.2.12 to 5.2.13

Thu Mar 4 19:20:02 UTC 2010

>Number:         144475
>Category:       ports
>Synopsis:       lang/php5 update from 5.2.12 to 5.2.13
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Thu Mar 04 19:20:01 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator:     falz
>Release:        FreeBSD 8.0-RELEASE i386
>Organization:
>Environment:
System: FreeBSD falz.net 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:48:17 UTC 2009 root at almeida.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC i386


	
>Description:
	PHP 5.2.12 has a known vulnerability in the wild. See:
		http://www.php.net/releases/5_2_13.php
	and
		http://samy.pl/phpwn/

	Patch to update php5.2.12 to 5.2.13. Also bumped suhosin patch
	which was at 5.2.11 for 5.2.12. Patch also avilable here:

		http://falz.net/static/lang-php5.2.13.diff

>How-To-Repeat:
>Fix:
	patch

--- lang-php5.2.13.diff begins here ---
diff -ruN /usr/ports/lang/php5/Makefile /usr/local/ports/lang/php5/Makefile
--- /usr/ports/lang/php5/Makefile	2009-12-29 08:39:10.000000000 -0600
+++ /usr/local/ports/lang/php5/Makefile	2010-03-04 12:22:24.000000000 -0600
@@ -2,11 +2,9 @@
 # Date created:				Tue Feb 18 11:17:13 CET 2003
 # Whom:					Alex Dupre <sysadmin at alexdupre.com>
 #
-# $FreeBSD: ports/lang/php5/Makefile,v 1.141 2009/12/29 14:39:10 ale Exp $
-#
 
 PORTNAME=	php5
-PORTVERSION=	5.2.12
+PORTVERSION=	5.2.13
 PORTREVISION?=	0
 CATEGORIES?=	lang devel www
 MASTER_SITES=	${MASTER_SITE_PHP}
@@ -57,7 +55,7 @@
 
 .if !defined(WITHOUT_SUHOSIN)
 #PATCHFILES+=	suhosin-patch-${PORTVERSION}-0.9.7.patch.gz:suhosin
-PATCHFILES+=	suhosin-patch-5.2.11-0.9.7.patch.gz:suhosin
+PATCHFILES+=	suhosin-patch-5.2.13-0.9.7.patch.gz:suhosin
 PATCH_SITES+=	http://download.suhosin.org/:suhosin
 PLIST_SUB+=	SUHOSIN=""
 .else
diff -ruN /usr/ports/lang/php5/distinfo /usr/local/ports/lang/php5/distinfo
--- /usr/ports/lang/php5/distinfo	2009-12-29 08:39:10.000000000 -0600
+++ /usr/local/ports/lang/php5/distinfo	2010-03-04 12:22:20.000000000 -0600
@@ -1,9 +1,9 @@
-MD5 (php-5.2.12.tar.bz2) = 5b7077e366c7eeab34da31dd860a1923
-SHA256 (php-5.2.12.tar.bz2) = e65756a8412726a491ca48da1e0693eaeb3f38f19fb6cbc8f53005cab1f2491a
-SIZE (php-5.2.12.tar.bz2) = 9075161
-MD5 (suhosin-patch-5.2.11-0.9.7.patch.gz) = 8f9de4d97fae6eba163cf3699509a260
-SHA256 (suhosin-patch-5.2.11-0.9.7.patch.gz) = 392f10c9b7d9c47f30e989fb7775cc46d36153b933bf7ac9ccd8826b2954584b
-SIZE (suhosin-patch-5.2.11-0.9.7.patch.gz) = 23050
+MD5 (php-5.2.13.tar.bz2) = eb4d0766dc4fb9667f05a68b6041e7d1
+SHA256 (php-5.2.13.tar.bz2) = 2b50a2535e3bb9a98cd4d1633f9452d877276c40b385915261f040d535c7eadb
+SIZE (php-5.2.13.tar.bz2) = 9084518
+MD5 (suhosin-patch-5.2.13-0.9.7.patch.gz) = 8188e119ce7abce98b8f004de46fbac5
+SHA256 (suhosin-patch-5.2.13-0.9.7.patch.gz) = 787743e5d201ab2ce3fcc3f252eedd7f167470fa1f55af0646d7f03aab89d184
+SIZE (suhosin-patch-5.2.13-0.9.7.patch.gz) = 22989
 MD5 (php-5.2.10-mail-header.patch) = 7f73682e78d32e22989c3fb3678d668b
 SHA256 (php-5.2.10-mail-header.patch) = a61d50540f4aae32390118453845c380fe935b6d1e46cef6819c8561946e942f
 SIZE (php-5.2.10-mail-header.patch) = 3383
--- lang-php5.2.13.diff ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:

